Threat Intelligence

A Report on Cyber Espionage Activities of Pawn Storm Over the Past Two Years

Pawn Storm, also known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM, is a cyber espionage organization operating for over a decade which has been particularly aggressive in the past few years. more

Denmark Says Russia Has Been Hacking Its Defense Ministry for Past Two Years

According to a new report by the Danish government's Center for Cybersecurity, hackers have breached email accounts and servers at both the Defense Ministry and the Foreign Ministry in 2015 and 2016. more

Walden Savings Bank to Switch from .com to a .bank TLD

Walden Savings Bank will be the fifth bank in New York state to switch its domain name from a .com top-level domain (TLD) to the new .bank TLD in May of this year. more

UK Government Reports Nearly Half of Businesses Identified Cyber Security Breaches in the Past Year

The UK government has released the results of national cybersecurity survey revealing nearly seven in ten large companies in the country have identified a breach or attack in the past 12 months. more

M3AAWG Offers Some Sensible Password Advice

M3AAWG is a trade association that brings together ISPs, hosting providers, bulk mailers, and a lot of infrastructure vendors to discuss messaging abuse, malware, and mobile abuse. (Those comprise the M3.) One of the things they do is publish best practice documents for network and mail operators, including two recently published, one on Password Recommendations for Account Providers, and another on Password Managers Usage Recommendations. more

Researches Demonstrate How IPv6 Attacks Can Bypass Network Intrusion Detection Systems

With the increasing popularity of IoT devices and the added interest of transition to IPv6, a whole new range of threat vectors are evolving that allow attackers to set up undetectable communications channels across networks. more

Permanent Denial-of-Service Attacks on the Rise, Incidents Involve Hardware-Damaging Assaults

Also known loosely as "phlashing" in some circles, Permanent Denial-of-Service (PDoS) is an increasing popular form of cyberattack that damages a system so badly that it requires replacement or reinstallation of hardware. more

IRS Reports Hackers Accessed Data of Up to 100,000 People via Financial Aid Site for Students

U.S. Internal Revenue Service Commissioner (IRS) testified before the Senate Finance Committee stating the agency has discovered fraudsters could use someone's personal data to fill out a financial aid application, and the "Data Retrieval Tool" would populate the application with tax information. more

Google to Distrust Symantec-Issued Certificates Amid Misuse

In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing Symantec-issued certificates. more

Cisco Warning Software Used in Hundreds of Its Products Vulnerable to Critical Security Flaw

The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week. more

Google Claims It Fixed the Security Holes the CIA Exploited

WikiLeaks shook the internet again on March 7, 2017, by posting several thousand documents containing information about the tools the CIA allegedly used to hack, among others, Android and iOS devices. These classified files were obtained from the CIA's Center for Cyber Intelligence, although they haven't yet been verified and a CIA official declined to comment on this incident. This isn't the first time that the U.S. government agencies were accused of crossing the line and undermining online security and civil liberties, as it's been only a year since the infamous FBI-Apple encryption dispute. It's like "1984" all over again. more

The Internet as Weapon

One of the most striking and enduring dichotomies in the conceptualization of electronic communication networks is summed up in the phrase "the Internet as weapon." With each passing day, it seems that the strident divergence plays in the press -- the latest being Tim's lament about his "web" vision being somehow perverted. The irony is that the three challenges he identified would have been better met if he had instead pursued a career at the Little Theatre of Geneva and let SGML proceed to be implemented on OSI internets rather than refactoring it as HTML to run on DARPA internets. more

WikiLeaks’ Vault 7: CIA Gives a Free Lesson in Personal Cyber Security

WikiLeaks' newly released Vault 7 trove is a tantalizing study in how one of the world's premiere intelligence agencies hacks devices. Analysts and experts have signaled that this leak appears authentic based on some clues in the content. But while it may ultimately be comparable in size to the Snowden or Manning leaks, it lacks the "wow" factor that made those landmark whistleblowing cases so important. What lessons are to be learned from the leaks, and how should we apply them to our personal digital lives? more

Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

A spamming group called River City Media (RCM) has had its database of 1.4 billion records leaked. This was revealed today by MacKeeper Security Researcher, Chris Vickery in cooperation with CSO Online and Spamhaus. more

Into the Gray Zone: Considering Active Defense

Most engineers focus on purely technical mechanisms for defending against various kinds of cyber attacks, including "the old magic bullet," the firewall. The game of cannons and walls is over, however, and the cannons have won; those who depend on walls are in for a shocking future. What is the proper response, then? What defenses are there The reality is that just like in physical warfare, the defenses will take some time to develop and articulate. more